A security bug allowing a remote buffer overrun has been found in Samba 3.0.x versions up to and including 3.0.7. See below for details.

Source: http://kr.samba.org/samba/news/#can-2004-0882

3.0.9 SRPM download: http://kr.samba.org/samba/ftp/Binary_Packages/RedHat/SRPMS/samba-3.0.9-1...

----------------------------------------------------------------

The following security announcement was released publicly on the samba and samba-technical mailing lists on Monday, 15 November 2004.

Subject: Possible Buffer Overrun in smbd
CVE #: CAN-2004-0882
Affected Versions: Samba 3.0.x <= 3.0.7

Summary: A possible buffer overrun in smbd could lead to code execution by a remote user

Patch Availability
------------------

A patch for Samba 3.0.7 (samba-3.0.7-CAN-2004-0882.patch) is
available from http://www.samba.org/samba/ftp/patches/security/.
The patch has been signed with the "Samba Distribution Verification
Key" (ID F17F9772).

Description
-----------

Invalid bounds checking in reply to certain trans2 requests
could result in a buffer overrun in smbd. In order to exploit
this defect, the attacker must be able to create files with very
specific Unicode filenames on the Samba share.

Protecting Unpatched Servers
----------------------------

The Samba Team always encourages users to run the latest stable
release as a defense against attacks. However, under certain
circumstances it may not be possible to immediately upgrade
important installations. In such cases, administrators should
read the "Server Security" documentation found at
http://www.samba.org/samba/docs/server_security.html.

Credits
--------

This security issue was reported to Samba developers by Stefan
Esser from e-matters Security (http://security.e-matters.de/).

-- Our Code, Our Bugs, Our Responsibility.

-- The Samba Team

Related link: http://kr.samba.org/samba/news/#can-2004-0882
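To triage a fleet against the advisory's affected range (Samba 3.0.x <= 3.0.7), the following added example, which is not part of the Samba announcement, classifies version banners such as those printed by `smbd -V`. The hostnames and banner strings are constructed, and the status labels are this example's own naming.

```python
import re

# Range stated in the advisory: Samba 3.0.x <= 3.0.7 (CAN-2004-0882).
AFFECTED_SERIES = (3, 0)
LAST_AFFECTED_PATCH = 7

# x.y.z followed by an optional suffix such as "a", "rc1" or "-1.3E".
_VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)(\S*)")


def classify(banner):
    """Classify one version banner against the advisory's affected range."""
    m = _VERSION_RE.search(banner)
    if m is None:
        return "unknown"
    major, minor, patch = (int(g) for g in m.groups()[:3])
    suffix = m.group(4)
    if (major, minor) != AFFECTED_SERIES:
        return "outside-advisory"  # the advisory makes no statement here
    if patch > LAST_AFFECTED_PATCH:
        return "not-affected"
    # Pre-releases and letter releases (3.0.0rc1, 3.0.2a) are inside the range.
    # A "-release" suffix marks a vendor build, which may already carry
    # samba-3.0.7-CAN-2004-0882.patch; the version string alone cannot tell.
    return "affected-check-backport" if suffix.startswith("-") else "affected"


def triage(inventory):
    """Map {host: banner} to {host: status}."""
    return {host: classify(banner) for host, banner in inventory.items()}


if __name__ == "__main__":
    # Constructed inventory: hostnames and banners are made up for the example.
    sample = {
        "files01": "Version 3.0.7",
        "files02": "Version 3.0.7-1.3E",
        "files03": "Version 3.0.2a",
        "files04": "Version 3.0.9",
        "legacy1": "Version 2.2.12",
        "web01": "bash: smbd: command not found",
    }
    for host, status in sorted(triage(sample).items()):
        print(f"{host:8} {status}")
```

Hosts reported as `affected-check-backport` need the vendor package changelog checked for CAN-2004-0882 before they are counted as vulnerable or fixed.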
